Adding Identity to the Authorization Layer In the journey through information security, you will frequently encounter OAuth 2.0. While OAuth is excellent at authorization, it was never actually designed for authentication. To solve this, OIDC, or OpenID Connect, was created. Think of it this way: OAuth 2.0 is the key to a hotel room, while OIDC Read More …
Tag: pkce
PKCE – Proof Key for Code Exchange
Securing OAuth 2.0 for the Modern Web In the world of Information Security, acronyms often act as gatekeepers to critical concepts. One of the most vital for modern identity management is PKCE (pronounced “pixie”), which stands for Proof Key for Code Exchange. If you are new to the field, you likely know that OAuth 2.0 Read More …